Open Asset Import Library Assimp Heap-Based Buffer Overflow Vulnerability in MD5 File Handler

Vulnerability

A critical heap-based buffer overflow vulnerability has been identified in Open Asset Import Library (Assimp) version 5.4.3 and later. The issue arises in the MD5 File Handler component, specifically within the function 'AI_MD5_PARSE_STRING_IN_QUOTATION' in 'MD5Parser.cpp', which parses double-quoted string tokens from MD5 model files. The vulnerability can be triggered remotely, potentially leading to arbitrary code execution, if a victim is tricked into opening a malformed MD5 file with Assimp.

Impact

Exploitation of this vulnerability causes a heap-based buffer overflow, which can lead to memory corruption and potentially allow for arbitrary code execution.

Reproduction

The vulnerability can be reproduced by building Assimp with AddressSanitizer enabled, using a fuzzer to generate a malformed MD5 file that triggers the buffer overflow, and then running the fuzz harness on the crafted file. This process triggers the vulnerability, as confirmed by AddressSanitizer's heap-buffer-overflow error report.
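The advisory does not describe how the quoted-string parser overruns its buffer, only that it does. The following C example is added here and is not Assimp's code: it shows the defensive shape a parser for an MD5 `"quoted string"` token needs, namely never reading past the end of the input buffer (including when the closing quote is missing) and never copying more bytes than the destination holds. The function and type names, and the sample MD5 line, are constructed for this illustration.

```c
#include <stddef.h>
#include <string.h>

/* Constructed sample input: a well-formed MD5 "shader" line and a truncated
   copy of it with no closing quote (the kind of input a fuzzer produces). */
static const char kGoodLine[]  = "shader \"models/monsters/imp\"\n";
static const char kTruncLine[] = "shader \"models/monsters/imp";

/* One parsed "..." token: bytes between the quotes and the resume position. */
typedef struct {
    const char *start;  /* first byte inside the quotes */
    size_t      len;    /* byte count between the quotes */
    const char *next;   /* position just after the closing quote */
} md5_quoted_t;

/* Parse a double-quoted token at p without ever dereferencing end or beyond.
   Returns 1 on success, 0 if the token is malformed or truncated. */
int md5_parse_quoted(const char *p, const char *end, md5_quoted_t *out)
{
    out->start = NULL; out->len = 0; out->next = NULL;
    while (p < end && (*p == ' ' || *p == '\t')) p++;   /* bounded skip */
    if (p >= end || *p != '"') return 0;                 /* no opening quote */
    const char *s = ++p;
    while (p < end && *p != '"') {
        if (*p == '\n' || *p == '\r') return 0;          /* quote must not span lines */
        p++;
    }
    if (p >= end) return 0;   /* hit end of buffer before the closing quote */
    out->start = s; out->len = (size_t)(p - s); out->next = p + 1;
    return 1;
}

/* Length of the quoted token, or -1 if it is malformed/truncated. */
int md5_quoted_len(const char *p, const char *end)
{
    md5_quoted_t q;
    return md5_parse_quoted(p, end, &q) ? (int)q.len : -1;
}

/* Copy the token into a fixed-size buffer; refuse (return 0) rather than
   overflow when it does not fit together with the terminating NUL. */
int md5_copy_quoted(const char *p, const char *end, char *dst, size_t dst_size)
{
    md5_quoted_t q;
    if (dst_size == 0 || !md5_parse_quoted(p, end, &q)) return 0;
    if (q.len >= dst_size) return 0;
    memcpy(dst, q.start, q.len);
    dst[q.len] = '\0';
    return 1;
}
```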

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 5.4
impact: 2.5
exploitability: 5.8
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.